edge-pipeline-orchestrator
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The script invokes specific pipeline stages using subprocess.run. Evidence: In scripts/orchestrate_edge_pipeline.py, the run_stage function executes commands using sys.executable and paths derived from a hardcoded dictionary (SCRIPT_PATHS), which prevents the execution of arbitrary or untrusted code.
- [PROMPT_INJECTION]: The skill processes structured data that may originate from external LLM components, creating an indirect prompt injection surface. Evidence:
  1) Ingestion points: llm-ideas-file and draft YAML files are read by scripts/orchestrate_edge_pipeline.py.
  2) Boundary markers: No explicit delimiters or instructions are used to isolate untrusted content.
  3) Capability inventory: The script executes several subprocesses across the pipeline.
  4) Sanitization: Input is parsed with yaml.safe_load, but individual values are not sanitized before being passed as arguments to other pipeline scripts.
Audit Metadata